From: Junio C Hamano <gitster@pobox.com>
Date: Fri, 22 Sep 2017 05:51:37 +0000 (+0900)
Subject: Git 2.14.2
X-Git-Tag: v2.14.2^0
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/4010f1d1b782eb7585e0e0abcefa794bd5ff29a0?ds=inline;hp=--cc

Git 2.14.2

Signed-off-by: Junio C Hamano <gitster@pobox.com>
---

4010f1d1b782eb7585e0e0abcefa794bd5ff29a0
diff --git a/Documentation/RelNotes/2.14.2.txt b/Documentation/RelNotes/2.14.2.txt
index bcfe78f59d..bec9186ade 100644
--- a/Documentation/RelNotes/2.14.2.txt
+++ b/Documentation/RelNotes/2.14.2.txt
@@ -91,4 +91,15 @@ Fixes since v2.14.1
  * "git archive" did not work well with pathspecs and the
    export-ignore attribute.
 
+ * "git cvsserver" no longer is invoked by "git daemon" by default,
+   as it is old and largely unmaintained.
+
+ * Various Perl scripts did not use safe_pipe_capture() instead of
+   backticks, leaving them susceptible to end-user input.  They have
+   been corrected.
+
 Also contains various documentation updates and code clean-ups.
+
+Credits go to joernchen <joernchen@phenoelit.de> for finding the
+unsafe constructs in "git cvsserver", and to Jeff King at GitHub for
+finding and fixing instances of the same issue in other scripts.